Senior Application Security Test Engineer

About Index Engines

At Index Engines, we’re all about helping companies bounce back from cyber threats and trust their data again — no matter what hits them.

Our flagship solution, CyberSense, delivers 99.99% accuracy in detecting data corruption, helping organizations recover quickly from ransomware attacks. We partner with awesome industry leaders like Dell Technologies, IBM, Lenovo/Infinidat, and Hitachi Vantara to power AI-driven cyber recovery across both primary and backup storage.

We’re a growing, tech-forward company with a startup feel and an enterprise-level impact. We take our mission seriously — but not ourselves. Expect a team that’s collaborative, curious, and loves solving hard problems together.

The Role

We’re looking for an experienced and driven Senior Security Test Engineer to join our awesome Engineering team. In this role, you’ll take our security test strategy to the next level, ensuring that our CyberSense product continues to be highly secure. You will test CyberSense using multiple security tools, assess the severity and exploitability of issues found, and work with the Engineering teams to resolve them. You will write security assessment reports that will be consumed both internally and externally. In this role, you will collaborate closely with talented engineers, product management, quality assurance engineers, and program managers and contribute to improving security processes and metrics collection

If you’re someone who finds a passion in product security, thrives in an analytical role in a dynamic environment and is on a continuous learning path, we would love to hear from you.

Come be part of a team that values curiosity, collaboration, and a shared drive to build technology that truly makes a difference.

What You'll Do • Develop a best-in-class security testing strategy by combining your deep security testing and SDLC expertise with an understanding of product architecture, customer use cases, and industry trends. • Manage and execute product security scans at various parts of our SDLC, including DAST, SCA, API, and penetration testing. • Perform security testing and analyze vulnerability findings to determine real-world exploitability, reproduce issues, separate false positives from actionable risks, and communicate remediation plans. • Verify security fixes and confirm remediation effectiveness. • Create clear and actionable security reports. • Contribute to our SDLC with respect to security practices. • Participate in threat modeling and security design discussions to identify potential risks early in the SDLC. • Stay current with security testing trends and continuously monitor and evaluate new tools and technologies. • Contribute in responding to customer and partner security inquiries. • Coordinate with independent security testing teams. • Monitor the CVE database and assess potential impacts to our products and customers. • Deploy, configure, and maintain Index Engines products in lab environments for security testing. • Provide detailed and well-documented updates in Jira tickets, including descriptions of testing performed, steps taken, and results observed. • Collaborate closely with peers, sharing expertise and supporting team success and continuous improvement.

What You Bring • 7+ years of professional experience in a security testing or security engineering role within a product company. • Experience identifying and validating software security vulnerabilities in complex applications, including the ability to reproduce and verify findings. • Deep understanding of secure SDLC best practices and processes. • Experience with DAST, SCA, and API testing using tools such as Tenable Nessus, JFrog, and OWASP ZAP. • Knowledge of networking technologies such as proxy servers and firewalls. • Strong troubleshooting skills across Linux environments and full-stack applications. • Scripting skills in Bash or Python for automation and diagnostics. • Excellent interpersonal skills with the ability to work both independently and within a collaborative team environment. • Strong written and verbal communication skills for engaging with customers and internal teams. • Experience working in a matrixed, global organization, including coordination across time zones. • Bachelor’s degree in Computer Science, Information Technology, or a related field. • A strong desire to learn, adapt, and grow in a fast-paced, customer-focused environment.

We’d Love It If You Have • Master’s degree in Computer Science or a related field. • Experience using Jira, Confluence, and Xray for issue tracking and documentation. • Familiarity with virtualization technologies such as VMware or Hyper-V. • Programming experience in Python or C/C++. • One or more ethical hacking or security certifications. • Hands-on experience with backup technologies, storage systems, and data recovery processes.

Why You'll Love Working Here

At Index Engines, you’ll join a team that’s equal parts smart, supportive, and a little nerdy (in the best way possible). We move fast, collaborate often, and celebrate wins big and small.

You’ll have the freedom to experiment, make decisions, and actually see the impact of your work. We’re proud of what we build — and we like having fun while we do it.

If you’re looking for a place where you can lead with vision, grow with purpose, and work with people who genuinely enjoy what they do, you’ll fit right in. • Competitive salary based on experience and qualifications • Comprehensive health, dental, and vision benefits • 401(k) • Opportunities for professional development and certification support • Collaborative team environment with a mission-driven culture • Unlimited PTO • Hybrid work schedule with WFH on Mondays and Fridays